-
Notifications
You must be signed in to change notification settings - Fork 96
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: secp256k1 fromSeedPhrase now supported #645
Conversation
Pending security review |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@krpeacock : Thanks a lot for adding this! As requested I reviewed the security warnings and they look good to me, thanks. Also, given those warnings it seems OK to me to provide this additional features.
Just out of curiosity: Do you know what use cases people want to solve with this?
FYI Internet Identity also has code that creates a Ed25519KeyIdentity from a seed phrase. See here.
|
||
This identity can be generated using the bip39 curve from a seed phrase, to produce a consistent identity across `dfx` and `agent-js`. In this package, import `Secp256k1KeyIdentity` and call `fromSeed`, passing in your seed. You can import the same seed in `dfx` by writing it to a file, and running `dfx identity import --seed-file <filename>`. | ||
|
||
Depending on the security of what this identity controls, this should not be used carelessly. Even copy/pasting a phrase can be a risk, and you should make your best efforts to discourage your users from storing seed phrases digitally or using them in browser contexts that may be at risk of cross-site scripting. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I like the warning, thanks for adding it!
Description
For some time, people have requested support for re-using a consistent identity across their stack, either for testing purposes or CI. This code has been available, but was not included in
agent-js
. For convenience, this method is now supportedAffects #622
How Has This Been Tested?
Unit testing
Checklist: